Oracle Linux 8 : python3.11-cryptography (ELSA-2024-3105)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-3105 advisory. - Security fix for CVE-2023-49083 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has n...

Oracle Linux 8 : gstreamer1-plugins-bad-free (ELSA-2024-3060)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3060 advisory. - Patch CVE-2023-40474: Integer overflow - Patch CVE-2023-40475: Integer overflow - Patch CVE-2023-40476: Integer overflow in H.265 video parser Tenabl...

Oracle Linux 9 : kernel (ELSA-2024-3306)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3306 advisory. - netfilter: nftables: disallow anonymous set with timeout flag Phil Sutter RHEL-32971 RHEL-30082 CVE-2024-26642 - netfilter: nftables: mark set as dea...

container-tools:ol8 security update

...

Oracle Linux 7 : libreoffice (ELSA-2024-3304)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3304 advisory. - Fix CVE-2022-38745 Empty entry in Java class path - Fix CVE-2023-0950 Array Index UnderFlow in Calc Formula Parsing - Fix CVE-2023-1183 libreoffice: Arbitrary...

Oracle Linux 9 : tomcat (ELSA-2024-3307)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3307 advisory. - Resolves: RHEL-31048 tomcat: Apache Tomcat: WebSocket DoS with incomplete closing handshake CVE-2024-23672 - Resolves: RHEL-31032 tomcat: : Apache...

kernel security and bug fix update

5.14.0-427.18.14.OL9 - Disable UKI signing Orabug: 36571828 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug:...

kernel security, bug fix, and enhancement update

4.18.0-553.OL8 - Update Oracle Linux certificates Kevin Lyons - Disable signing for aarch64 Ilya Okomin - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list olkmodsigningkey.pem Orabug: 29539237 - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x...

Oracle Linux 9 : nodejs (ELSA-2024-2910)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2910 advisory. 1:16.20.2-8.0.1 - Fix CVE-2024-28182, CVE-2024-22025, CVE-2024-25629, CVE-2024-27982, CVE-2024-27983 Tenable has extracted the preceding description...

Oracle Linux 7 : thunderbird (ELSA-2024-2913)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-2913 advisory. 115.11.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 115.11.0-1 - Update to...

Oracle Linux 9 : thunderbird (ELSA-2024-2888)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-2888 advisory. 115.11.0-1.0.1 - Add Oracle prefs 115.11.0-1 - Update to 115.11.0 build2 Tenable has extracted the preceding description block directly from the Oracle...

Oracle Linux 9 : nodejs:20 (ELSA-2024-2853)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2853 advisory. - Backport nghttp2 patch for CVE-2024-28182 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Not...

Oracle Linux 9 : firefox (ELSA-2024-2883)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2883 advisory. 115.11.0-1.0.1 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 115.11.0-1 - Update to 115.11.0 build1 Tenable has...

firefox security update

115.11.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 115.11.0-1 - Update to 115.11.0 build1...

Oracle Linux 7 : firefox (ELSA-2024-2881)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2024-2881 advisory. 115.11.0-1.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add...

Oracle Linux 9 : nodejs:18 (ELSA-2024-2779)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2779 advisory. nodejs 1:18.20.2-2 - Removes .ps1 files - Rebase to 18.20.2 - Fixes: CVE-2024-27983, CVE-2024-28182, CVE-2024-27982, CVE-2024-25629 nodejs-nodemon...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2024-12385)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12385 advisory. - KVM: x86: Add BHINO Daniel Sneddon Orabug: 36509092 CVE-2024-2201 - x86/bhi: Mitigate KVM by default Pawan Gupta Orabug: 36509092 CVE-2024-2201 - x86/bhi...

Oracle Linux 9 : .NET / 7.0 (ELSA-2024-2843)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2843 advisory. 7.0.119-1.0.1 - Add OracleLinux support Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note th...

Oracle Linux 9 : .NET / 8.0 (ELSA-2024-2842)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2842 advisory. 8.0.105-1.0.1 - Add support for Oracle Linux 8.0.105-1 - Update to .NET SDK 8.0.105 and Runtime 8.0.5 - Resolves: RHEL-35317 Tenable has extracted the...

.NET 8.0 security update

8.0.105-1.0.1 - Add support for Oracle Linux 8.0.105-1 - Update to .NET SDK 8.0.105 and Runtime 8.0.5 - Resolves: RHEL-35317...